/contrib/bsnmp/snmp_vacm/snmp_vacm.3

https://bitbucket.org/freebsd/freebsd-head/ · Unknown · 94 lines · 94 code · 0 blank · 0 comment · 0 complexity · a8658902c5e0e84ecbfe6afdae1f4b88 MD5 · raw file 

    

  1. .\"-
    2. 

  2. .\" Copyright (C) 2010 The FreeBSD Foundation
    3. 

  3. .\" All rights reserved.
    4. 

  4. .\" 
    5. 

  5. .\" This documentation was written by Shteryana Sotirova Shopova under
    6. 

  6. .\" sponsorship from the FreeBSD Foundation.
    7. 

  7. .\"
    8. 

  8. .\" Redistribution and use in source and binary forms, with or without
    9. 

  9. .\" modification, are permitted provided that the following conditions
    10. 

  10. .\" are met:
    11. 

  11. .\" 1. Redistributions of source code must retain the above copyright
    12. 

  12. .\"    notice, this list of conditions and the following disclaimer.
    13. 

  13. .\" 2. Redistributions in binary form must reproduce the above copyright
    14. 

  14. .\"    notice, this list of conditions and the following disclaimer in the
    15. 

  15. .\"    documentation and/or other materials provided with the distribution.
    16. 

  16. .\" 
    17. 

  17. .\" THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
    18. 

  18. .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
    19. 

  19. .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
    20. 

  20. .\" ARE DISCLAIMED.  IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
    21. 

  21. .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
    22. 

  22. .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
    23. 

  23. .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    24. 

  24. .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
    25. 

  25. .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
    26. 

  26. .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
    27. 

  27. .\" SUCH DAMAGE.
    28. 

  28. .\"
    29. 

  29. .\" $FreeBSD$
    30. 

  30. .\"
    31. 

  31. .Dd October 7, 2010
    32. 

  32. .Dt SNMP_VACM 3
    33. 

  33. .Os
    34. 

  34. .Sh NAME
    35. 

  35. .Nm snmp_vacm
    36. 

  36. .Nd "View-based Access Control module for"
    37. 

  37. .Xr bsnmpd 1
    38. 

  38. .Sh LIBRARY
    39. 

  39. .Pq begemotSnmpdModulePath."vacm" = "/usr/lib/snmp_vacm.so"
    40. 

  40. .Sh DESCRIPTION
    41. 

  41. The
    42. 

  42. .Nm snmp_vacm
    43. 

  43. module implements SNMPv3 View-based Access Control Model MIB as defined in
    44. 

  44. RFC 3415. The module is used to manage the internal lists of SNMPv1, v2c and
    45. 

  45. v3 user names and groups and their access rights to fetch or modify the values
    46. 

  46. of the MIB objects maintained by
    47. 

  47. .Nm bsnmpd
    48. 

  48. and the modules loaded in the daemon.
    49. 

  49. The module must be loaded for
    50. 

  50. .Nm bsnmpd
    51. 

  51. to implement proper view-based access control. If the module is not loaded,
    52. 

  52. access is granted to all configured SNMPv1 & SNMPv2c communities and SNMPv3
    53. 

  53. USM users.
    54. 

  54. .Sh IMPLEMENTATION NOTES
    55. 

  55. An entry in any table implemented by this MIB may be created by setting the
    56. 

  56. relevant RowStatus column to createAndGo (4) - in fact, any other value for
    57. 

  57. those columns in a SET operation will cause an error. When an entry is created,
    58. 

  58. any of its columns that is not used as index, is set to the default value as
    59. 

  59. specified in the SNMP-VIEW-BASED-ACM-MIB. All entries maintained by the module
    60. 

  60. are persistent after reboot if created via
    61. 

  61. .Nm bsnmpd 's
    62. 

  62. config file, otherwise entries created via SNMP are lost after reboot.
    63. 

  63. A short description of the objects in the MIB follows.
    64. 

  64. .Bl -tag -width "XXXXXXXXX"
    65. 

  65. .It Va vacmContextTable
    66. 

  66. A read-only table that consists of a list of SNMP contexts available in
    67. 

  67. .Nm bsnmpd .
    68. 

  68. .It Va vacmSecurityToGroupTable
    69. 

  69. The table contains a list of SNMPv1, v2c and v3 user names and the groups
    70. 

  70. they belong to.
    71. 

  71. .It Va vacmAccessTable
    72. 

  72. The table contains a list of SNMP contexts to groups mappings and respectively
    73. 

  73. the names of the SNMP views under those contexts, to which users in the group
    74. 

  74. are granted read-only, read-write access or receive notifications for the
    75. 

  75. objects under the subtree in the relevant view.
    76. 

  76. .It Va vacmViewTreeFamilyTable
    77. 

  77. The table contains a list of SNMP views, i.e. entries specifying the OID of a
    78. 

  78. MIB subtree and whether access to the objects under this subtree is to be
    79. 

  79. allowed or forbidden.
    80. 

  80. .El
    81. 

  81. .Sh FILES
    82. 

  82. .Bl -tag -width "XXXXXXXXX"
    83. 

  83. .It Pa /usr/share/snmp/defs/vacm_tree.def
    84. 

  84. The description of the MIB tree implemented by
    85. 

  85. .Nm .
    86. 

  86. .El
    87. 

  87. .Sh SEE ALSO
    88. 

  88. .Xr bsnmpd 1 ,
    89. 

  89. .Xr gensnmptree 1 ,
    90. 

  90. .Xr snmpmod 3
    91. 

  91. .Sh STANDARDS
    92. 

  92. IETF RFC 3415
    93. 

  93. .Sh AUTHORS
    94. 

  94. .An Shteryana Shopova Aq syrinx@FreeBSD.org
    95.